CVE-2012-4601 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	6 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:S/C:P/I:P/A:P
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 48%

Vendor	Product	Version
tecnick	tcexam	𝑥 ≤ 11.3.008
tecnick	tcexam	10.1.000
tecnick	tcexam	10.1.001
tecnick	tcexam	10.1.002
tecnick	tcexam	10.1.003
tecnick	tcexam	10.1.004
tecnick	tcexam	10.1.005
tecnick	tcexam	10.1.006
tecnick	tcexam	10.1.007
tecnick	tcexam	10.1.008
tecnick	tcexam	10.1.009
tecnick	tcexam	10.1.010
tecnick	tcexam	10.1.011
tecnick	tcexam	10.1.012
tecnick	tcexam	10.1.013
tecnick	tcexam	11.0.000
tecnick	tcexam	11.0.001
tecnick	tcexam	11.0.002
tecnick	tcexam	11.0.003
tecnick	tcexam	11.0.004
tecnick	tcexam	11.0.005
tecnick	tcexam	11.0.006
tecnick	tcexam	11.0.007
tecnick	tcexam	11.0.008
tecnick	tcexam	11.0.009
tecnick	tcexam	11.0.010
tecnick	tcexam	11.0.011
tecnick	tcexam	11.0.012
tecnick	tcexam	11.0.013
tecnick	tcexam	11.0.014
tecnick	tcexam	11.0.015
tecnick	tcexam	11.0.016
tecnick	tcexam	11.1.000
tecnick	tcexam	11.1.001
tecnick	tcexam	11.1.002
tecnick	tcexam	11.1.003
tecnick	tcexam	11.1.004
tecnick	tcexam	11.1.005
tecnick	tcexam	11.1.006
tecnick	tcexam	11.1.007
tecnick	tcexam	11.1.008
tecnick	tcexam	11.1.009
tecnick	tcexam	11.1.010
tecnick	tcexam	11.1.011
tecnick	tcexam	11.1.012
tecnick	tcexam	11.1.013
tecnick	tcexam	11.1.014
tecnick	tcexam	11.1.015
tecnick	tcexam	11.1.016
tecnick	tcexam	11.1.017
tecnick	tcexam	11.1.018
tecnick	tcexam	11.1.019
tecnick	tcexam	11.1.020
tecnick	tcexam	11.1.021
tecnick	tcexam	11.1.022
tecnick	tcexam	11.1.023
tecnick	tcexam	11.1.024
tecnick	tcexam	11.1.025
tecnick	tcexam	11.1.026
tecnick	tcexam	11.1.027
tecnick	tcexam	11.1.028
tecnick	tcexam	11.1.029
tecnick	tcexam	11.1.030
tecnick	tcexam	11.1.031
tecnick	tcexam	11.2.000
tecnick	tcexam	11.2.001
tecnick	tcexam	11.2.002
tecnick	tcexam	11.2.003
tecnick	tcexam	11.2.004
tecnick	tcexam	11.2.005
tecnick	tcexam	11.2.006
tecnick	tcexam	11.2.007
tecnick	tcexam	11.2.008
tecnick	tcexam	11.2.010
tecnick	tcexam	11.2.011
tecnick	tcexam	11.2.012
tecnick	tcexam	11.2.013
tecnick	tcexam	11.2.014
tecnick	tcexam	11.2.015
tecnick	tcexam	11.2.016
tecnick	tcexam	11.2.017
tecnick	tcexam	11.2.018
tecnick	tcexam	11.2.020
tecnick	tcexam	11.2.021
tecnick	tcexam	11.2.022
tecnick	tcexam	11.2.023
tecnick	tcexam	11.2.025
tecnick	tcexam	11.2.026
tecnick	tcexam	11.2.027
tecnick	tcexam	11.2.028
tecnick	tcexam	11.2.029
tecnick	tcexam	11.2.030
tecnick	tcexam	11.2.031
tecnick	tcexam	11.2.032
tecnick	tcexam	11.3.000
tecnick	tcexam	11.3.001
tecnick	tcexam	11.3.002
tecnick	tcexam	11.3.003
tecnick	tcexam	11.3.004
tecnick	tcexam	11.3.005
tecnick	tcexam	11.3.006
tecnick	tcexam	11.3.007

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

References

http://freecode.com/projects/tcexam/releases/347588

http://secunia.com/advisories/50539

http://sourceforge.net/projects/tcexam/files/CHANGELOG.TXT/view

http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam%3Ba=commit%3Bh=3e1ed3c02122eae182f076daabe903b0c8837971

https://www.htbridge.com/advisory/HTB23111

http://freecode.com/projects/tcexam/releases/347588

http://secunia.com/advisories/50539

http://sourceforge.net/projects/tcexam/files/CHANGELOG.TXT/view

http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam%3Ba=commit%3Bh=3e1ed3c02122eae182f076daabe903b0c8837971

https://www.htbridge.com/advisory/HTB23111